OpenSSH 3.5 has been released

Wednesday, 16 October 2002, 11:10 AM EST

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support.

Changes since OpenSSH 3.4:

* Improved support for Privilege Separation (Portability, Kerberos, PermitRootLogin handling).

* ssh(1) prints out all known host keys for a host if it receives an unknown host key of a different type.

* Fixed AES/Rijndael EVP integration for OpenSSL < 0.9.7 (caused problems with bounds checking patches for gcc).

* ssh-keysign(8) is disabled by default and only enabled if the
HostbasedAuthentication option is enabled in the global ssh_config(5) file.

* ssh-keysign(8) uses RSA blinding in order to avoid timing attacks against the RSA host key.

* A use-after-free bug was fixed in ssh-keysign(8). This bug broke hostbased authentication on several platforms.

* ssh-agent(1) is now installed setgid in order to avoid ptrace(2) attacks.

* ssh-agent(1) now restricts the access with getpeereid(2) (or equivalent, where available).

* sshd(8) no longer uses the ASN.1 parsing code from libcrypto when verifying RSA signatures.

* sshd(8) now sets the SSH_CONNECTION environment variable.

* Enhanced "ls" support for the sftp(1) client, including globbing and detailed listings.

* ssh(1) now always falls back to uncompressed sessions, if the server does not support compression.

* The default behavior of sshd(8) with regard to user settable environ variables has changed: the new option PermitUserEnvironment is disabled by default, see sshd_config(5).

* The default value for LoginGraceTime has been changed from 600 to 120 seconds, see sshd_config(5).

* Removed erroneous SO_LINGER handling.

[ Read more ]




Spotlight

The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //